Our quick guide to understanding the key terms related to cyber security

CYBER INSURANCE TERMS



Whether you're looking to talk about insurance or need some advice on insurance products, we are here to help.

SOME KEY CYBER TERMS YOU NEED TO KNOW ABOUT

Social Engineering Fraud

This is a broad term that describes hackers using psychological manipulation to coerce the victim into handing over login details or downloading malware.

For example, a user receives an email, seemingly from the bank, suggesting that urgent action is necessary – this is quickly followed up by more emails with the aim of getting the user into a panic and handing over the bank login details to the hacker.

Another example of Social Engineering Fraud is emailing a user saying that a patch needs to be downloaded urgently. The user downloads the patch and has in fact downloaded malware onto the system.

Ransomware e.g. WannaCry

Ransomware locks or encrypts files on your computer system. In order to regain control of your systems, the hacker will demand that you pay a ransom. Since ransomware is the easiest way for a hacker to get money, and money that is untraceable, it is surging in popularity among cyber criminals.

Denial of Service Attack (DDoS)

This is when the hacker floods your system with queries, which slows it down to the extent that it becomes unusable.

Bitcoin

Bitcoin was devised in 2009 and is an electronic payment that is not backed by any government. It is purely a peer-to-peer payment system. In order to pay by Bitcoin, you must set up an electronic wallet. This wallet is where you store Bitcoin and carry out transactions. There are Bitcoin exchanges online, and you can purchase Bitcoin using any hard currency. Like any other commodity, the value of Bitcoin fluctuates over time. In February 2018 one Bitcoin was valued at £5,000 stg. In September 2020, one Bitcoin was valued at £8,200 stg.

Since Bitcoin transactions are completely anonymous, it is the payment of choice of criminals conducting ransomware attacks.

Phishing

This type of attack uses disguised email to trick the user into giving out login details or credit card numbers. The attacker poses as a trusted website and dupes the user into giving out private information.

Malware/Virus e.g. Viruses, Trojans, Worms, Spyware, etc.

This is a program that is designed to disrupt the device onto which it has been downloaded. For example, it could freeze the device, slow it down, or give access to a hacker. It is usually found as an attachment to an email; once it is downloaded, the device is infected.

Two Factor Authentication (2FA)

This is a system whereby, in order to gain access, you need to prove your identity in two different ways. This can mean that there are two different passwords required. A more advanced system would text a code to your mobile phone once you have keyed in your password. In order to gain access to the system, you would then have to enter the code just texted to your phone. The purpose of 2FA is to make systems more secure and more difficult for hackers to access.

Cloud

Cloud is essentially storage for your data. It is space that you rent from a third party provider that provides cheap, secure and accessible storage for your data.

VPN

VPN is short for Virtual Private Network. It is an encrypted network that allows people (staff) to connect with servers and systems (the office) remotely.

GDPR

GDPR stands for General Data Protection Regulations, which came into law in the EU in May 2018. Any business that gathers personal data on citizens of the EU is subject to these laws even if the business is not domiciled in the EU. Its fundamental principle is to protect the personal data of individuals.

Cookies

Cookies are small files that are held on computers. They are activated when a web page is loaded – a small amount of data is held by the cookie and the purpose is to display web pages that are of interest and relevant to the user of the computer. Since October 2020, only cookies that are necessary for the website to function can be automatically downloaded onto a user’s computer. Cookies that track performance or are used for future marketing are only allowed if the user specifically agrees to these cookies.

IP Address

IP stands for Internet Protocol and the "address" part refers to a unique number that gets linked to all online activity that is done on a specific device. A device can be a computer, laptop, mobile phone or tablet.

OUR CYBER INSURANCE SPECIALISTS

Rachel Dixon will help you protect your business from a cyber attack today

Caeva O'Callaghan will help you protect your business from a cyber attack today

Caroline McArdle will help you protect your business from a cyber attack today